package se.swedenconnect.opensaml.xmlsec.keyinfo;

import java.io.IOException;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.utilities.java.support.codec.Base64Support;
import net.shibboleth.utilities.java.support.logic.Constraint;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1StreamParser;
import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.security.SecurityException;
import org.opensaml.xmlsec.keyinfo.KeyInfoSupport;
import org.opensaml.xmlsec.signature.ECKeyValue;
import org.opensaml.xmlsec.signature.KeyInfo;
import org.opensaml.xmlsec.signature.KeyValue;
import org.opensaml.xmlsec.signature.NamedCurve;

/* loaded from: input_file:se/swedenconnect/opensaml/xmlsec/keyinfo/ExtendedKeyInfoSupport.class */
public class ExtendedKeyInfoSupport {
    public static void addPublicKey(@Nonnull KeyInfo keyInfo, @Nullable PublicKey publicKey) throws SecurityException {
        Constraint.isNotNull(keyInfo, "KeyInfo cannot be null");
        if (!ECPublicKey.class.isInstance(publicKey)) {
            KeyInfoSupport.addPublicKey(keyInfo, publicKey);
            return;
        }
        KeyValue buildXMLObject = XMLObjectSupport.buildXMLObject(KeyValue.DEFAULT_ELEMENT_NAME);
        buildXMLObject.setECKeyValue(buildECKeyValue((ECPublicKey) publicKey));
        keyInfo.getKeyValues().add(buildXMLObject);
    }

    @Nonnull
    public static ECKeyValue buildECKeyValue(@Nonnull ECPublicKey eCPublicKey) throws SecurityException {
        Constraint.isNotNull(eCPublicKey, "EC public key cannot be null");
        try {
            ECKeyValue buildXMLObject = XMLObjectSupport.buildXMLObject(ECKeyValue.DEFAULT_ELEMENT_NAME);
            ASN1Sequence aSN1Primitive = new ASN1StreamParser(eCPublicKey.getEncoded()).readObject().toASN1Primitive();
            ASN1ObjectIdentifier aSN1Primitive2 = aSN1Primitive.getObjectAt(0).toASN1Primitive().getObjectAt(1).toASN1Primitive();
            NamedCurve buildXMLObject2 = XMLObjectSupport.buildXMLObject(NamedCurve.DEFAULT_ELEMENT_NAME);
            buildXMLObject2.setURI("urn:oid:" + aSN1Primitive2.getId());
            buildXMLObject.setNamedCurve(buildXMLObject2);
            org.opensaml.xmlsec.signature.PublicKey buildXMLObject3 = XMLObjectSupport.buildXMLObject(org.opensaml.xmlsec.signature.PublicKey.DEFAULT_ELEMENT_NAME);
            buildXMLObject3.setValue(Base64Support.encode(aSN1Primitive.getObjectAt(1).toASN1Primitive().getBytes(), false));
            buildXMLObject.setPublicKey(buildXMLObject3);
            return buildXMLObject;
        } catch (IOException e) {
            throw new SecurityException("Invalid EC public key parameters", e);
        }
    }

    private ExtendedKeyInfoSupport() {
    }
}
